Mailing List Archive

From:: "Theo de Raadt" <deraadt@openbsd.org>
Subject:: Re: fix calendar -a
To:: Alexander Bluhm <bluhm@openbsd.org>, tech <tech@openbsd.org>
Date:: Mon, 16 Mar 2026 11:25:46 -0600

Download raw body.

Thread

- 2026-03-16 17:12 Theo de Raadt:
  fix calendar -a
2026-03-16 17:16 Crystal Kolipe:
fix calendar -a
- 2026-03-16 17:25 Theo de Raadt:
  fix calendar -a
- - 2026-03-16 17:43 Crystal Kolipe:
    fix calendar -a
  - - 2026-03-16 17:56 Theo de Raadt:
      fix calendar -a

Crystal Kolipe <kolipe.c@exoticsilicon.com> wrote:

> On Mon, Mar 16, 2026 at 11:01:43AM -0600, Theo de Raadt wrote:
> > Stuart Henderson <stu@spacehopper.org> wrote:
> > 
> > > On 2026/03/16 10:45, Theo de Raadt wrote:
> > > > I doubt you need "rx".
> > > > 
> > > > Does "x" not work?
> > > 
> > > it does, but / is already unveiled 'r' so using just 'x' for those
> > > doesn't seem any better?
> > 
> > Whoa, I am hearing a big misunderstanding.
> > 
> > Unveil creates a series of nested enclaves.
> > 
> > The permissions from a higher level are IRRELEVANT in a nested enclave.
> 
> This misunderstanding about unveil() keeps coming up in one form or another:
> 
> https://marc.info/?l=openbsd-tech&m=174600467800474

That is more than a misunderstanding.  That code is ignoring the manual
page.

The Unveil system is never activated in that code.

- 2026-03-16 17:12 Theo de Raadt:
  fix calendar -a
2026-03-16 17:16 Crystal Kolipe:
fix calendar -a
- 2026-03-16 17:25 Theo de Raadt:
  fix calendar -a
- - 2026-03-16 17:43 Crystal Kolipe:
    fix calendar -a
  - - 2026-03-16 17:56 Theo de Raadt:
      fix calendar -a